From 57e4a580c2f69a6fdb5ba1eb1eca3e8e7d80dc5a Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 14:48:18 -0500
Subject: [PATCH 1/9] First test of shellcheck

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/shell_check.bsh          | 29 +++++++++++++++++++++++++++++
 .github/workflows/shellcheck.yml | 18 ++++++++++++++++++
 linux/common_source.sh           |  2 ++
 setup.env                        |  1 +
 tests/test_colors.sh             |  1 +
 vsi_common.env                   |  2 ++
 6 files changed, 53 insertions(+)
 create mode 100755 .github/shell_check.bsh
 create mode 100644 .github/workflows/shellcheck.yml

diff --git a/.github/shell_check.bsh b/.github/shell_check.bsh
new file mode 100755
index 000000000..c33416c9b
--- /dev/null
+++ b/.github/shell_check.bsh
@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+# docker run -it --rm -v "${VSI_COMMON_DIR}:/code:ro" registry.gitlab.com/pipeline-components/shellcheck:latest /code/.github/shell_check.bsh
+
+set -eu
+
+if ! command -v git &> /dev/null; then
+  apk add --no-cache git
+fi
+
+SHELLCHECK_ARGS=(
+  -f json
+  # -S error
+  # -e ...
+  -Calways
+)
+
+cd "${CI_PROJECT_DIR-/code}"
+
+git config --global --add safe.directory /src/external/terra/external/vsi_common
+
+git ls-files -z | ash
+  xargs -0 -n1 sh -c '[ -f "${1}" ] && \
+                      head -n 1 "$1" | \
+                      grep -qE "^#!.*(bash|false)" \
+                      && echo "$1"' _ | \
+  grep -v '\.simplecov' | \
+  xargs -n10 bash -c 'echo shellcheck "${SHELLCHECK_ARGS[@]}" "${@}" | tee /tmp/results.$$' _
+  # process 10 at a time, because 50 at a time causes it to hang. 49 worked
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
new file mode 100644
index 000000000..e1ab3584c
--- /dev/null
+++ b/.github/workflows/shellcheck.yml
@@ -0,0 +1,18 @@
+name: Shellcheck linting
+
+# This is required
+on:
+  push:
+
+jobs:
+  shellcheck:
+    runs-on: ubuntu-latest
+    container:
+      image: registry.gitlab.com/pipeline-components/shellcheck:latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4 # This step will also run inside the container
+        with:
+          submodules: false
+      - name: Run ShellCheck
+        run: "${CI_PROJECT_DIR}/.gitlab/shellcheck.bsh"
diff --git a/linux/common_source.sh b/linux/common_source.sh
index f70365a8c..7aeda2661 100644
--- a/linux/common_source.sh
+++ b/linux/common_source.sh
@@ -1,3 +1,5 @@
+#!/usr/bin/env false
+
 #*# linux/common_source
 
 # Use the sh POSIX compliant version of source_once
diff --git a/setup.env b/setup.env
index 703c800d8..b58ea558c 100644
--- a/setup.env
+++ b/setup.env
@@ -1,3 +1,4 @@
+#!/usr/bin/env false
 test -f ./linux/check_shell && ./linux/check_shell bash zsh
 export JUST_SETUP_SCRIPT="$(basename "${BASH_SOURCE[0]}")"
 source "$(dirname "${BASH_SOURCE[0]}")/env.bsh"
diff --git a/tests/test_colors.sh b/tests/test_colors.sh
index 82936884a..ba3b11eb2 100644
--- a/tests/test_colors.sh
+++ b/tests/test_colors.sh
@@ -1,3 +1,4 @@
+#!/usr/bin/env false
 
 #*# tests/test_colors
 
diff --git a/vsi_common.env b/vsi_common.env
index 91539909b..811f50e89 100644
--- a/vsi_common.env
+++ b/vsi_common.env
@@ -1,3 +1,5 @@
+#!/usr/bin/env false
+
 JUST_PROJECT_PREFIX=VSI_COMMON
 source "${VSI_COMMON_DIR}/linux/just_files/just_version.bsh"
 

From 147a28872cf5bea8adb270fdd8b01e9a8acf1e95 Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 15:49:14 -0500
Subject: [PATCH 2/9] Formatting for github [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/shell_check.bsh          | 15 +++++++++------
 .github/workflows/shellcheck.yml |  6 ++++++
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/.github/shell_check.bsh b/.github/shell_check.bsh
index c33416c9b..4742e5aa5 100755
--- a/.github/shell_check.bsh
+++ b/.github/shell_check.bsh
@@ -4,26 +4,29 @@
 
 set -eu
 
-if ! command -v git &> /dev/null; then
-  apk add --no-cache git
-fi
+apk add --no-cache git jq
 
 SHELLCHECK_ARGS=(
+  # no fancy args with spaces, won't work because of how I pass array below
   -f json
   # -S error
   # -e ...
-  -Calways
 )
 
 cd "${CI_PROJECT_DIR-/code}"
 
 git config --global --add safe.directory /src/external/terra/external/vsi_common
 
-git ls-files -z | ash
+git ls-files -z |
   xargs -0 -n1 sh -c '[ -f "${1}" ] && \
                       head -n 1 "$1" | \
                       grep -qE "^#!.*(bash|false)" \
                       && echo "$1"' _ | \
   grep -v '\.simplecov' | \
-  xargs -n10 bash -c 'echo shellcheck "${SHELLCHECK_ARGS[@]}" "${@}" | tee /tmp/results.$$' _
+  xargs -n10 -P "$(nproc)" bash -c 'shellcheck '"${SHELLCHECK_ARGS[*]}"' "${@}" > /tmp/results.$$; for x in "${@}"; do echo "${x}" processed.; done' _
   # process 10 at a time, because 50 at a time causes it to hang. 49 worked
+
+mkdir -p /tmp/results
+jq -s add /tmp/results.* > /tmp/results/shellcheck.json
+
+jq -r '.[] | select(.level == "error" or .level == "warning") | "::\(.level) file=\(.file),line=\(.line),col=\(.column),endColumn=\(.endColumn),title=Wtf::\(.message)"' /tmp/results/shellcheck.json
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index e1ab3584c..e51e5d719 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -16,3 +16,9 @@ jobs:
           submodules: false
       - name: Run ShellCheck
         run: "${CI_PROJECT_DIR}/.gitlab/shellcheck.bsh"
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: shellcheck-output
+          path: /tmp/results/
\ No newline at end of file

From 9eb53700fe27206f0ef45e474b8c106f9e8b3f53 Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:17:33 -0500
Subject: [PATCH 3/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/shell_check.bsh          | 2 +-
 .github/workflows/shellcheck.yml | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/.github/shell_check.bsh b/.github/shell_check.bsh
index 4742e5aa5..54a49a028 100755
--- a/.github/shell_check.bsh
+++ b/.github/shell_check.bsh
@@ -13,7 +13,7 @@ SHELLCHECK_ARGS=(
   # -e ...
 )
 
-cd "${CI_PROJECT_DIR-/code}"
+cd "${GITHUB_WORKSPACE-/code}"
 
 git config --global --add safe.directory /src/external/terra/external/vsi_common
 
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index e51e5d719..70501afb2 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -15,10 +15,9 @@ jobs:
         with:
           submodules: false
       - name: Run ShellCheck
-        run: "${CI_PROJECT_DIR}/.gitlab/shellcheck.bsh"
-
+        run: "${GITHUB_WORKSPACE}/.gitlab/shellcheck.bsh"
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
           name: shellcheck-output
-          path: /tmp/results/
\ No newline at end of file
+          path: /tmp/results/

From 5e4f9d40c17ba1549fa2fef0d7e4d52f66800824 Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:21:04 -0500
Subject: [PATCH 4/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/{workflows => }/macos.yml | 0
 .github/workflows/shellcheck.yml  | 5 ++++-
 2 files changed, 4 insertions(+), 1 deletion(-)
 rename .github/{workflows => }/macos.yml (100%)

diff --git a/.github/workflows/macos.yml b/.github/macos.yml
similarity index 100%
rename from .github/workflows/macos.yml
rename to .github/macos.yml
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index 70501afb2..37a32eb05 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -15,7 +15,10 @@ jobs:
         with:
           submodules: false
       - name: Run ShellCheck
-        run: "${GITHUB_WORKSPACE}/.gitlab/shellcheck.bsh"
+        run: |
+          pwd
+          ls -la
+          "${GITHUB_WORKSPACE}/.gitlab/shellcheck.bsh"
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:

From 8d14736206bf28128b3fe5923167a240cad93774 Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:23:38 -0500
Subject: [PATCH 5/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/workflows/shellcheck.yml | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index 37a32eb05..45de7e76c 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -15,10 +15,7 @@ jobs:
         with:
           submodules: false
       - name: Run ShellCheck
-        run: |
-          pwd
-          ls -la
-          "${GITHUB_WORKSPACE}/.gitlab/shellcheck.bsh"
+        run: "${GITHUB_WORKSPACE}/.github/shellcheck.bsh"
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:

From a272cacef1871479361d2249f2f5c228eae1448e Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:24:19 -0500
Subject: [PATCH 6/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/workflows/shellcheck.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index 45de7e76c..fd6add627 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -15,7 +15,7 @@ jobs:
         with:
           submodules: false
       - name: Run ShellCheck
-        run: "${GITHUB_WORKSPACE}/.github/shellcheck.bsh"
+        run: "${GITHUB_WORKSPACE}/.github/shell_check.bsh"
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:

From 6782be41bc856db171392946c1123ebb76ccde82 Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:28:47 -0500
Subject: [PATCH 7/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/shell_check.bsh          | 2 --
 .github/workflows/shellcheck.yml | 2 ++
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/shell_check.bsh b/.github/shell_check.bsh
index 54a49a028..6231d2966 100755
--- a/.github/shell_check.bsh
+++ b/.github/shell_check.bsh
@@ -4,8 +4,6 @@
 
 set -eu
 
-apk add --no-cache git jq
-
 SHELLCHECK_ARGS=(
   # no fancy args with spaces, won't work because of how I pass array below
   -f json
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index fd6add627..bf6e66dc1 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -10,6 +10,8 @@ jobs:
     container:
       image: registry.gitlab.com/pipeline-components/shellcheck:latest
     steps:
+      - name: Preinstall
+        run: apk add --no-cache git jq
       - name: Checkout repository
         uses: actions/checkout@v4 # This step will also run inside the container
         with:

From 3f98d89ebc4a3177a3d2d7b7d03bc3159c557666 Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:29:50 -0500
Subject: [PATCH 8/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/workflows/shellcheck.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index bf6e66dc1..f799d978a 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -11,7 +11,9 @@ jobs:
       image: registry.gitlab.com/pipeline-components/shellcheck:latest
     steps:
       - name: Preinstall
-        run: apk add --no-cache git jq
+        run: |
+          apk add --no-cache git jq
+          git config --global --add safe.directory '*'
       - name: Checkout repository
         uses: actions/checkout@v4 # This step will also run inside the container
         with:

From 452a1ecbf9f9674b25b0209c92228f1805af44ea Mon Sep 17 00:00:00 2001
From: Andy Neff <andy@visionsystemsinc.com>
Date: Tue, 4 Nov 2025 16:40:49 -0500
Subject: [PATCH 9/9] CI [skip appveyor]

Signed-off-by: Andy Neff <andy@visionsystemsinc.com>
---
 .github/shell_check.bsh          | 2 +-
 .github/workflows/shellcheck.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/shell_check.bsh b/.github/shell_check.bsh
index 6231d2966..75f8bae55 100755
--- a/.github/shell_check.bsh
+++ b/.github/shell_check.bsh
@@ -27,4 +27,4 @@ git ls-files -z |
 mkdir -p /tmp/results
 jq -s add /tmp/results.* > /tmp/results/shellcheck.json
 
-jq -r '.[] | select(.level == "error" or .level == "warning") | "::\(.level) file=\(.file),line=\(.line),col=\(.column),endColumn=\(.endColumn),title=Wtf::\(.message)"' /tmp/results/shellcheck.json
+jq -r '.[] | select(.level == "error" or .level == "warning") | "::\(.level) file=\(.file),line=\(.line),endLine=\(.endLine),col=\(.column),endColumn=\(.endColumn),title=ShellCheck::\(.message)"' /tmp/results/shellcheck.json
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index f799d978a..920f10508 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -23,5 +23,5 @@ jobs:
       - name: Upload artifact
         uses: actions/upload-artifact@v4
         with:
-          name: shellcheck-output
-          path: /tmp/results/
+          name: ShellCheck-results
+          path: /tmp/results/shellcheck.json